Win7 AV is a Rogue Anti-Spyware program. Win7 AV downloads and installs itself via a Trojan automatically without the users’ knowledge and consent.When a user downloads Win7 AV and runs a scan, the program reports false scan alerts.
The user is then prompted to pay for a full license of the application in order to remove the threats.
The user is then prompted to pay for a full license of the application in order to remove the threats.
Type: Misleading Application
Name: Win7 AV
Website: gcounter.cn (Site already blocked by Google)
Risk Impact: Medium
Systems Affected: Windows 7
Behavior: Win7 AV is a misleading application that may give exaggerated reports of threats on the computer.
How to Remove Win7 AV
Manual Win7 AV Removal
Win7 AV processes:
Win7Browser.exe
Win7 AV.exe
Win7 AV DLLs:
VmDetectLibrary.dll
svhostqt.dll
svhostesl.dll
sbhostcl.dll
Other malicious Win7 AV files:
Win7Browser.exe
Win7 AV.exe
VmDetectLibrary.dll
svhostqt.dll
svhostesl.dll
sbhostcl.dll
Automatic Removal
Download and install SUPERAntiSpyware and Malwarebytes Anti-Malware. Both security programs come with free versions.
I recommend that you run multiple passes of SUPERAntiSpyware and Malwarebytes Anti-Malware.
Major Defense Kit is a Rogue Anti-Spyware program. Major Defense Kit downloads and installs itself via a Trojan automatically without the users knowledge and consent. When a user downloads Major Defense Kit and runs a scan, the program reports false scan alerts. The user is then prompted to pay for a full license of the application in order to remove the threats.
Type: Misleading Application
Name: Major Defense Kit
Website: Unknown
Risk Impact: Medium
Systems Affected: Windows 2000, Windows Server 2003, Windows Vista, Windows XP and Windows 7
Behavior: Major Defense Kit is a misleading application that may give exaggerated reports of threats on the computer.
How to Remove Major Defense Kit
Major Defense Kit Removal
Major Defense Kit processes:
antispy.exe
defender.exe
tmp.exe
Major Defense Kit registry values:
HKEY_CURRENT_USER\Software\PAV
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = “0″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnPostRedirect” = “0″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “tmp”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “SelfdelNT”
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%UserProfile%\Application Data\antispy.exe”
Other malicious Major Defense Kit files:
%UserProfile%\Application Data\PAV\
%UserProfile%\Application Data\antispy.exe
%UserProfile%\Application Data\defender.exe
%UserProfile%\Application Data\tmp.exe
%UserProfile%\Local Settings\Temp\kjkkklklj.bat
Automatic Removal
Download and install SUPERAntiSpyware and Malwarebytes Anti-Malware. Both security programs come with free versions.
I recommend that you run multiple passes of SUPERAntiSpyware and Malwarebytes Anti-Malware.
If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog:
No comments: